2024-09-19_f60e21ed7b26db42690fcb669cd23e5c_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-19_f60e21ed7b26db42690fcb669cd23e5c_magniber
Size

13.8MB
MD5

f60e21ed7b26db42690fcb669cd23e5c
SHA1

639c6297e1fafc555e3d672c6e052bfb3be6b7e4
SHA256

59afd8fd7c43eb27900b88109ede1cfb72d1ec99e38a9ba84ce08fa59e19e92e
SHA512

4bb50e37973b5361b94a04484d00ebe9493f9d452b39fa54745a1c788acd0d073ccc6130f09ad771492e7a4d82f0d16ff093b6087d6f784c0d8e9e0108e336a4
SSDEEP

196608:L89EbN1g6dtAD1M4B72QcG9saBLchDpaWobPWqnqGK5VaAK/sXMerA9xLcWllRmu:PN1ndUM4OwsaBomWoLZDwVZnqcKt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-19_f60e21ed7b26db42690fcb669cd23e5c_magniber

Files

2024-09-19_f60e21ed7b26db42690fcb669cd23e5c_magniber
.exe windows:4 windows x86 arch:x86

c62fb80fd3b3cfc7cbf1189d7e254e33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_Trunk\workspace\12.14Patch_SourceJob\qqpcmgr_proj\Basic\Output\BinFinal\QQPCMgrPacket.pdb

Imports

kernel32

Process32NextW
Module32FirstW
Module32NextW
SetThreadPriority
ReleaseMutex
OpenThread
SuspendThread
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
SetEndOfFile
GetTempFileNameW
MoveFileW
GetFullPathNameW
GetSystemInfo
IsBadReadPtr
Process32FirstW
CreateToolhelp32Snapshot
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
OutputDebugStringW
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
IsDebuggerPresent
UnhandledExceptionFilter
GetModuleHandleA
VirtualProtect
ExitThread
GetStartupInfoW
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreatePipe
LoadLibraryA
VirtualQuery
GetSystemDefaultLangID
CreateFileA
GlobalAlloc
GlobalLock
GetCPInfo
GetLocalTime
SetFilePointer
CreateDirectoryW
RemoveDirectoryW
MoveFileExW
LocalAlloc
LoadLibraryExW
SetCurrentDirectoryW
lstrcmpiW
CreateFileMappingW
MapViewOfFileEx
CreateMutexW
OpenMutexW
GetPrivateProfileIntW
GlobalMemoryStatus
lstrcmpW
FlushInstructionCache
GetPrivateProfileStringW
UnmapViewOfFile
GetFileAttributesW
MapViewOfFile
OpenFileMappingW
QueryDosDeviceW
FindNextFileW
WideCharToMultiByte
lstrlenW
CreateThread
FreeResource
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDriveStringsW
FreeLibrary
RaiseException
MultiByteToWideChar
WriteFile
GetVersion
GetExitCodeProcess
DeviceIoControl
GetCurrentDirectoryW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
WritePrivateProfileStringW
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
CreateProcessW
OpenProcess
SearchPathW
InitializeCriticalSection
SetErrorMode
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
SetLastError
LocalFree
FindResourceExW
LoadResource
LockResource
SetFileAttributesW
SizeofResource
FindResourceW
FindClose
FindFirstFileW
GetCurrentThread
GetModuleHandleW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetCurrentProcess
GetLastError
InitializeCriticalSectionAndSpinCount
HeapAlloc
InterlockedIncrement
GetProcessHeap
HeapFree
DeleteCriticalSection
GlobalFree
InterlockedDecrement
WaitForMultipleObjects
SetEvent
WaitForSingleObject
ResetEvent
CreateEventW
GetVersionExW
CopyFileW
Sleep
GetTickCount
ReadFile
CloseHandle
GetFileSize
CreateFileW
DeleteFileW
GetTempPathW
lstrlenA

user32

UnregisterClassA
LoadStringW
CharLowerW
LoadIconW
CreateWindowExW
SetWindowLongW
DestroyWindow
FindWindowW
MessageBoxW
LoadCursorW
ShowWindow
GetParent
LoadImageW
PostQuitMessage
GetWindowPlacement
PostThreadMessageW
EndPaint
GetDlgItem
DefWindowProcW
PostMessageW
MoveWindow
MsgWaitForMultipleObjectsEx
PeekMessageW
GetActiveWindow
ReleaseCapture
BeginPaint
SetCursor
SetCapture
PtInRect
CopyImage
GetKeyState
TrackPopupMenu
GetSystemMenu
GetMonitorInfoW
MonitorFromWindow
SetWindowRgn
mouse_event
GetSystemMetrics
OffsetRect
DrawFrameControl
UpdateLayeredWindow
EqualRect
GetDlgCtrlID
DrawIconEx
IsWindowVisible
FrameRect
FillRect
CallWindowProcW
GetWindowDC
ClientToScreen
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetTimer
KillTimer
DrawTextW
CharUpperW
ReleaseDC
GetDC
InflateRect
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
GetWindowThreadProcessId
CharNextW
TranslateMessage
GetMessageW
GetClassInfoExW
IsWindow
SetActiveWindow
SendMessageTimeoutW
InvalidateRect
SetWindowPos
RegisterClassExW
GetWindow
SystemParametersInfoW
MapWindowPoints
GetWindowLongW
SendMessageW
SetRect
EnableWindow
IsWindowEnabled
GetClientRect
CopyRect
GetDesktopWindow
DispatchMessageW
GetWindowRect

gdi32

SetBkMode
SelectObject
CreateCompatibleDC
GetObjectW
GetStockObject
CreateDIBSection
BitBlt
CreateBitmap
StretchBlt
RoundRect
SetTextColor
DeleteDC
ExtTextOutW
CreateFontIndirectW
CreatePen
Rectangle
AddFontResourceW
DeleteObject
RestoreDC
TextOutW
GetClipRgn
CreateRectRgn
CreateRectRgnIndirect
SelectClipRgn
GetTextMetricsW
CreateSolidBrush
ExtSelectClipRgn
OffsetRgn
GetTextExtentPoint32W
LineTo
MoveToEx
CombineRgn
SetBkColor
RectInRegion
CreateCompatibleBitmap
SaveDC

advapi32

FreeSid
SetEntriesInAclW
AllocateAndInitializeSid
DeleteService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegEnumKeyExW
SetSecurityDescriptorDacl
RegQueryInfoKeyW
InitializeSecurityDescriptor
RegDeleteKeyW
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegLoadKeyW
RegSetValueExW
RegOpenKeyW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
GetSecurityInfo
GetNamedSecurityInfoW
GetTokenInformation
AdjustTokenPrivileges
IsValidSid
GetLengthSid
RegCloseKey
RegOpenKeyExW
GetAce
LookupAccountNameW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
GetAclInformation
SetNamedSecurityInfoW
AddAce
SetSecurityInfo
CopySid
InitializeAcl

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderPathW
ord680
SHCreateDirectoryExW

ole32

CoTaskMemRealloc
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantCopy
VariantClear
SysAllocString
SysFreeString
VarUI4FromStr
OleLoadPicture
VariantInit

shlwapi

PathAppendW
PathIsDirectoryW
PathAddBackslashW
StrStrW
StrChrW
StrCatW
StrToIntExW
StrToIntA
PathFindFileNameW
PathQuoteSpacesW
PathRemoveBackslashW
PathFileExistsW
PathRemoveFileSpecW
wnsprintfW

comctl32

_TrackMouseEvent
InitCommonControlsEx

ws2_32

htonl
ntohl
htons

wininet

InternetOpenW
InternetGetConnectedState
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW

userenv

UnloadUserProfile

psapi

GetModuleFileNameExW
GetProcessImageFileNameW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

crypt32

CryptMsgGetParam
CertFindCertificateInStore
CryptQueryObject
CertGetNameStringW

netapi32

Netbios

Sections

.text
Size: 848KB - Virtual size: 845KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c62fb80fd3b3cfc7cbf1189d7e254e33

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

wininet

userenv

psapi

version

crypt32

netapi32

Sections

.text Size: 848KB - Virtual size: 845KB

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 848KB - Virtual size: 845KB

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB